Actually, this was sent by "Takedown Piracy LLC" working on behalf of Wickedpictures. They file DMCA notices by the truckload according to the results I get in Chilling Effect's search, so you can safely assume they're a DMCA notice spammer.

Unfortunately, it does not list the individual lawyer who signed off on this complaint, or I would be tempted to draft a letter to their local bar association pointing out how careless they are, as no reasonable person could mistake Github's documentation for a porno movie.

Wicked might be paying them to do it, and if they're charging "per infringing URL removed", it makes a lot of sense that they're trying to get as many removed as possible. Wicked might also be a victim in this case.

It looks like everything with "wicked", "pushover", "knockout", "lipstick", and other keywords are being targeted. Clearly the work of an automated process and not a human.

One of the more amusing URLs that caught my attention is a link to a torrent search site with the query being a single, very generic keyword: "girl". Presumably the results of that search include content they want to remove, so it also got hit.

17 U.S. Code § 512(f)
Misrepresentations.— Any person who knowingly materially misrepresents under this section—
(1) that material or activity is infringing, or
(2) that material or activity was removed or disabled by mistake or misidentification,
shall be liable for any damages, including costs and attorneys’ fees, incurred by the
alleged infringer, by any copyright owner or copyright owner’s authorized licensee,
or by a service provider, who is injured by such misrepresentation, as the result of
the service provider relying upon such misrepresentation in removing or disabling
access to the material or activity claimed to be infringing, or in replacing the
removed material or ceasing to disable access to it.

There probably exist civil law remedies outside the DMCA's protections as well. Tortious interference, slander of title, something that might stick given the specific circumstances and how good your lawyers are. IANAL.

Shouldn't automated takedowns be considered null and void? If so, is there a way to allow firms that are known to send bogus automated takedowns be blacklisted? (i.e. you can always ignore them, if they try to push anything, you just point to their history of automated processes)

Something.

Anything. To discourage this behavior. To hit them where it hurts. (The wallet.)

Send one communication saying "your bot is clearly throwing up false positives; take action to investigate & remediate, ceasing all bot usage until implemented". Now they're aware / can't claim lack of knowledge. Give them a week or two to read the mail & turn the bot off, then any subsequent requests charge them for. If the fine's based on damages, charge them for all employees time taken to trawl through removing all spammy requests / for the cost of the team on your side who have to develop the automated filters.

Yes, they can. The fact that someone made that claim about the reliability of the process doesn't mean that the person sending the notice knew that any particular notice was in fact false at the time they sent it, even notices made after the claim of unreliability.

It is possible that if it can be proven that the recipient read the complaint, and failed to investigate it because they believed it was likely to be correct (or if, even without such a notice, they knew of the unreliability of the process and failed to investigate the facts of particular notices and just blindly relied on the process), and that decision was motivated by a desire to avoid discovering that the information was false, then they might be considered to have constructive knowledge, but that's a far cry from "a notice was sent claiming that the process was unreliable, so any error resulting from that process automatically will be found to be 'knowing'."

I wonder how these pages got picked up. If Wickedpictures is doing some type of Natural Language processing to identify these pages as their content, it would be interesting to analyze the content of these pages and reverse-engineer Wickedpictrue's system.

Then of course, you could package that reverse-engineering work as a service that will insert red-herring comments in source code to set off the automated DMCA takedowns, creating a free semi-private repository on github.

Has anyone (Mozilla, Yahoo, SUSE, Netflix, Facebook, Github) filed a counter-notice yet? That's the next step in the DMCA dance; if you file a counter notice, and the accuser does not then file a lawsuit, Google can put back the content.

Legal question - If you send a bad DMCA and can't be proven to have sent it in bad faith (so the penalties under that law don't apply), could you still be sued for negligence, loss of business, etc etc? I.e. you didn't break the federal law, but you still damaged me.

Arguably there may be other causes of action, but for a lone a DMCA takedown notice sans any accompanying threats, I believe Federal law would preempt and you're stuck try to meet the bar of intentional malice or negligence.

(IAANAL, but I listen to a lot of Jay-Z songs so I know a little bit.)

It's supposed to be perjury if they pretend to represent a work they do not, in fact, own. So if I falsely claim that I own Harry Potter and go file DMCA notices, I should get busted. But if I claim that something I actually do own the copyright on is infringed by something that clearly isn't infringing... well, there's nothing in the DMCA penalizing that.

In theory there might be some other claim against a person filing bogus DMCA notices, but given that people have been spamming half-bogus notices like this for years now, I'm not really holding my breath. I guess there have been a few that got in a little trouble, but not much. If they get in trouble it's usually for something bigger.

"A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed."

The wording actually results in "under penalty of purjury" to modify the succeeding part of the sentence, not the preceding part. As a result, the penalties only apply if you act on behalf of another party without authorization.

Penalties would apply for mislabelling content as copyright infringing as well as acting without authorization if the requirement was this along the lines of "a statement, under penalty of perjury, that the information in the notification is accurate and that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed."

I think he's talking about the knowing misrepresentation clause that I forgot about, actually (which is not the same as signing off on it under penalty of perjury). As noted by one of the comments above, this provision is completely toothless. To quote DannyBee: "Nobody has successfully gotten anyone fined/real damages for this provision yet. Partially because it requires knowing misrepresentation, not just negligent or even grossly negligent misrepresentation."

So you have to prove that they actually KNEW that Github was not a porno movie owned by them, not just that they were (hypothetically) filing legal papers while intoxicated or without actually reading them.

How you're supposed to prove they actually know anything at all in the face of the sheer stupidity demonstrated by this notice is an open question. I think a real lawyer would need to answer that, but I found something that makes it seem like the standard could be met if they made the statements with a complete disregard for the truth thereof - http://legal.practitioner.com/regulation/standards_9_3_1.htm

But it makes it seem like they could argue that they were simply careless and avoid it, so I don't honestly know.

If you send bogus DMCA takedown notices, and this qualifies as one, there can be legal consequences. The DMCA requires:

"A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed."

Whoops! This particular list of "infringing" URLs wasn't actually, well, accurate. The problem for whoever sent this bogus takedown (Wicked Pictures or its agent) is that now they can be held liable.

In a case brought by EFF in response to an earlier bogus takedown from Diebold, a federal judge in California held that Diebold could be "liable for damages" -- even though Diebold had by that point withdrawn the takedown request and promised not to send another.

DMCA 512 section (f) says that someone sending bogus takedowns "shall be liable for any damages, including costs and attorneys’ fees..." In the Diebold case, Diebold eventually paid EFF something like $125K in lawyer fees.

Note that this situation probably won't get that far. That's because the DMCA doesn't require Google or any other provider to comply with bogus takedown notices. And Google happens to have some smart attorneys (at least one ex-EFF lawyer, in fact) on its payroll who are well aware of that fact.

> Note that this situation probably won't get that far. That's because the DMCA doesn't require Google or any other provider to comply with bogus takedown notices. And Google happens to have some smart attorneys (at least one ex-EFF lawyer, in fact) on its payroll who are well aware of that fact.

Considering that they get requests for something like 8 million URLs to be removed every week, your ire seems a bit misdirected.

Safe harbor has enabled the modern web in many ways, but the DMCA takedown process is still heavily, heavily weighted toward the claimants.

It looks more like the URLs not taken down were mostly malformed or duplicates of earlier claims and they took action on the rest. Purposefully not acting on DMCA complaints due to obviously bogus takedown notices doesn't happen very often because you generally have to be really sure of what you're doing. Hard to do that when you have 8 million URLs to sift through to find the problematic ones.

Ire? You are misreading my comment. I merely sought to correct the parent poster’s view that Google would not remove anything partly because they have lawyers who used to work at the EFF. The fact is that Google did remove almost everything, and merely employing people who used to work for the EFF does not cause Google to be the EFF.

Yes, but you can certainly automate the process to a large extent. For example, many sites simply don't have the functionality allow copyright infringement. Also many sites will have >99% false positives, whereas torrent sites will have >99% true positives.

They could hire a few people to get through as many computer sorted reviews as possible, and the rest of them fall through the cracks.

The "under penalty of perjury" phrase modifies the second clause, not the first. In other words, it's not perjury if the information in the notice is inaccurate -- it's perjury if you falsely claim you are authorized to act on behalf of the grieving party.

I wonder how much due diligence Google puts into verifying DMCA notices beforehand. And if you wanted to do it "legit" you could create some works with search terms you wanna censor. So like, "Hotel Reservations in X", a photograph of a Ramada Inn. Then get these takedown firms to go spam notices like Wicked did here, and collateral damage ends up removing some of your competitors.

The DMCA is deliberately designed to discourage recipients of takedown notices for doing any verification beyond that the notices ate in the correct form before complying, since the safe harbor only applies when a proper (in form) notice is complied with and there is expressly no liability that can attach for complying with a formally correct notice that is substantively incorrect.

So I'd assume any due diligence is directed at formal correctness rather than substance as any other approach would have added cost to implement while increasing legal risk.

Yeah, which means people have to check searches for their result, then the DMCA notice, then file counterclaim and wait for Google to reinstate it. Seems like a pretty nifty blackhat tactic, especially if timed right.

> If the content at the URLs is NOT owned by Wicked, than they are claiming to represent the owner of the content at those locations, when they are in fact not.

No, there are two separate claims:

1) that the person represents the owner of a particular copyrighted work, and

2) that particular hosted content violates the copyright on the particular copyrighted work.

Only the first of those is under penalty of perjury. If the particular identified copyrighted work is owned by the party represented, then even if the particular identified hosted content doesn't violate the copyright of the identified work, there is no perjury issue (there may be a knowing false claim of infringement issue, but that requires proving that the person sending the notice knew that the identified hosted content did not infringe.)

They have an app. (https://play.google.com/store/apps/details?id=com.appbuilder...) It's just basic info on the law firm, a web page ground into app form. The contact address is "jjclifft@clifftallegrucci.com". But it probably won't work. The domain goes to a "No site here yet" page. However, the WHOIS data for the site has a valid street address, which is a house in a new and rather bleak subdivision in Trumbull, Texas.

>Isn't this little more than a low level case of "dox"-ing someone you disagree with?

You might as well have said

>Isn't this little more than a low level case of "dox"-ing someone that hurt your feelings

But I digress. Given that various socially unacceptable activity on the internet are frequently punished by doxxing (http://racistsgettingfired.tumblr.com/), I fail to see how this is any different.

The privacy of this "company" isn't violated the same way I publish your home address. People knowing them and refusing their business isn't censorship of their free speech or their rights or whatever they were up to before. However it may induce them to be more self conscious next time they commit perjury.

This is based under the assumption that this is the correct people and OP's witchhunt hasn't turned a wrong corner. Doxxing is often discouraged by civil communities because the chance of collateral damage is too high.

These people seem to be fine with taking out perfectly legit content from the internet because they haven't done their research properly. This impacts the hard work so many people have put in, but the complainant hasn't broken the law. The comment you were replying to hasn't broken any laws either.

The DMCA take down system is flawed, and invalid take downs should be penalized at $x.xx per blocked request.

In regards to them using a law firm in Texas, it may be due to favorable courts there for intellectual property holders. The first article I found about this talks specifically about patents [0], but I wouldn't be surprised if the courts were similarly favorable for other matters of intellectual property.

Just in case anyone skims this far and panics by misreading jkrems' post, I should clarify that they took down the Google search results for Cargo, rather than the Github repo [1]. Unfortunately, for the average user, removing something from Google may as well be a complete takedown...

Yeah, sorry. I took a lazy shortcut there. What I meant was "they targeted the URL of rust's package manager and took a link to it down". It was less about the impact and more about how they couldn't claim that they honestly thought ("good faith") they had any claim on that page. But from all I can find that doesn't matter since there don't seem to be any repercussions for these kinds of takedowns.

> Unfortunately not every company has Google's ability to manually sift through every bogus takedown request thrown their way.

Is there any evidence at all that Google actually manually sifts through every takedown (or even any takedown), or is everyone just speculating that they must because they Google?

I have no idea, but if we actually have evidence or public statement from Google to that effect, I'd be interested. And I definitely wouldn't assume it without that. But lots of people in these comment threads seem to be doing so (unless there's some widely known reports or evidence I don't know about?)

Google cannot afford the legal liability of taking decisions on whether a DMCA notice is valid or invalid.

They will take down everything specified in every DMCA notice even if it is obviously bogus, because not doing so opens them up to a lawsuit. (a lawsuit alleging malafide intentions or a lawsuit for harm if they should make a mistake in deciding which part of the DMCA notice to honor and which to ignore.)

It is up to the harmed party (the owner of whatever was taken down) to challenge the DMCA takedown in a court. Once you win in court, Google will restore whatever was removed.

You only have to send a counternotice and the content is restored after 10 business days. With most companies, you can just send a properly worded e-mail. Others, like Google, have a web form you fill in. The DMCA never forces content in dispute to remain offline indefinitely even if you have zero resources; the complaining party has to go to court to make that happen.

10 business days could be a long time if your company is in the middle of a launch or other time sensitive period, and that is 10 days after you notice: I assume they won't contact you (how would thy know who to contact and how with any reliability?) to say "we've de-listed these sites, you might want to look into if you need to respond". This could be used to damage competitors, or in this case to accidentally damage random unrelated people/companies.

YouTube got an interesting DMCA takedown request back in the day: it was issued by the Chinese government at the time of the Beijing Olympics. The details escape me but the title of the video was something like "Olympic Gymnastics Beijing" or some other searchbait/clickbait, with a plausible-looking thumbnail, but the video itself was a super-critical video directed at the Chinese government. China issued a bad-faith DMCA takedown on the grounds that they are the only authorized distributors of what the video claimed it was.

IIRC YouTube refused to block the site for this very reason; the "10 days later" would have ruined the clickbait purpose of the video as the event would have been well over and actual legitimate outlets for its content would have sprouted up.

I just put a few of those "Adam" URLs into Google Search and they show up in the results. The usual "some results have been removed due to DMCA" notice is not there either, so I think they haven't removed them - or did, and then put them back.

It is up to the harmed party (the owner of whatever was taken down) to challenge the DMCA takedown in a court. Once you win in court, Google will restore whatever was removed.

I doubt anyone has gone to court over the Adam URLs either. Some of those are personal pages (ironically enough, including a law professor: http://www.law.georgetown.edu/faculty/levitin-adam-j.cfm ) and it doesn't seem like whoever is responsible for them would even know that they were listed in a DMCA notice.

Presumably, Takedown Piracy LLC and their client would have to have signed the Sworn Statements on Google's DMCA page [0]:

I have a good faith belief that use of the copyrighted
materials described above as allegedly infringing is not
authorized by the copyright owner, its agent, or the law.
The information in this notification is accurate and I
swear, under penalty of perjury, that I am the copyright
owner or am authorized to act on behalf of the owner of an
exclusive right that is allegedly infringed.

Is there any recourse or punishment for falsely submitting a DMCA takedown request for content that is actually not under their copyright?

If enough of those tiny little shell companies get wrung out to bankruptcy, there won't be any left to act as fronts for this kind of unethical, and illegal, behavior. And, if they are acting on behalf of other companies, that would likely come out in the court proceedings...which could allow taking the suit up the chain to the actual parties who instigated it. One would hope, anyway, though IP law in the US behaves in deeply irrational ways sometimes.

They are so easy to setup that you'll never win that race. It'll cost you in time and other resource every time, and you'll get nothing back, and while you are faffing around with one ten more companies are ready to go.

It doesn't. This outfit, per Chilling Effect's search, pumps out notices by the hundreds. Most likely they use some script or tool to grab a bunch of URLs from various Google searches, then dump them into a form letter. I'm not sure if anyone was supposed to weed out the obviously bogus output, but I think we can all see that nothing of the sort happened.

They churn these out fast enough that nobody is actually paying any real attention to what they're doing from what I've seen.

This is most likely due to a script screwing up. A lot of these companies retain companies that specialize in filing these requests (see: www.google/com/transparencyreport/removals/copyright/faq/ for some more details.

My limited understanding is that these companies just use google search apis to try to find search results matching keywords. Then they file requests for every matching url. This is how obviously wrong requests show up.

There are also cases where requests appear to be malicious, but there are really no consequences since you (iirc) have to prove bad faith which is next to impossible and since everything is being adjudicated via third parties, there is really no incentive.

As I was scrolling through the list, that was my thought too... "Hey, check out all these porn sites I didn't know about!"

Then I realized their master plan: they're protecting their business model by (1) making it harder for us to do our work since it's harder for us to find the software libraries/tools we need, and (2) by providing us with a list of porn sites they fill up the time we would've otherwise spent coding.

Some are pretty terrible though. At the bottom of the list there's a link to "the rocki whore picture show". Why would anyone want to create that in the first place? (apart from satisfying the "there's porn version of it on the internet" rule)

That page shows all the dmca requests to google that target github.com. Wicked pictures shows up in a number of requests but they are by no means the only copyright holder issuing requests.

You can click through to the request pages and get links to chilling effects and it will also tell you which URLs were requested that were _not_ taken down. ChillingEffects just reports on the requests, not the actions.

We have received your legal request. We receive many such complaints each day; your message is in our queue, and we'll get to it as quickly as our workload permits.

Due to the large volume of requests that we experience, please note that we will only be able to provide you with a response if we determine your request may be a valid and actionable legal complaint, and we may respond with questions or requests for clarification. For more information on Google's Terms of Service, please visit http://www.google.com/accounts/TOS

Looking at common keywords among the URL's, it appears as though they are merely taking a movie database, googling titles, and submitting complaints for anything containing said title/keyword in the URL (e.g. Pushover, Knockout, Wicked, etc.).

Shady, manipulative, and particularly troubling when the DMCA protocol is "shoot-first" and there is absolutely no oversight or review.

Some kind of punitive penalty for false complaints and a few precedents are needed to put these copyright trolls in their place...

I'm surprised that one of the disruptive groups has not written a couple of bots that do mass DMCA takedown across a wide range of providers and content. Sure, it's illegal but that hasn't stopped them before. It feels like an easy way to create havoc.

Wow, I'm not familiar with this film studio, but this is a terrible move on their part. I don't go to the movies much anyway, but I'm gonna try to avoid paying for any of their films, and I urge everyone who cares about an open internet to do the same.